SalesforceCommerceCloud · alexvuong · Feb 5, 2025 · Feb 7, 2025 · Feb 11, 2025 · Feb 11, 2025
@@ -1,5 +1,8 @@
 ## CHANGELOG
 
+## v4.1.0
+- Support Node 22 [#412](https://github.com/SalesforceCommerceCloud/commerce-sdk/pull/412)
+
 ## v4.0.0
 
 ### :warning: Planned API Changes :warning: 

@@ -1,10 +1,10 @@
 {
-  "id": "893f605e-10e2-423a-bdb4-f952f56eb6d8/cdn-api-process-apis/1.0.32",
+  "id": "893f605e-10e2-423a-bdb4-f952f56eb6d8/cdn-api-process-apis/1.0.36",
   "name": "CDN Zones",
   "description": "Extend your eCDN beyond Business Manager configuration.",
   "groupId": "893f605e-10e2-423a-bdb4-f952f56eb6d8",
   "assetId": "cdn-api-process-apis",
-  "version": "1.0.32",
+  "version": "1.0.36",
   "categories": {
     "API layer": [
       "Process"

@@ -71,6 +71,9 @@ types:
   WAFRulePackage: !include dataTypes/WAFRulePackage.raml
   OriginHeaderModification: !include dataTypes/OriginHeaderModification.raml
   OriginHeaderModificationPutRequest: !include dataTypes/OriginHeaderModificationPutRequest.raml
+  MtlsCertificateRequest: !include dataTypes/MtlsCertificateRequest.raml
+  MtlsCertificateResponse: !include dataTypes/MtlsCertificateResponse.raml
+  DCVDelegationRecord: !include dataTypes/DCVDelegationRecord.raml
 
   ZonesEnvelope:
     type: CollectionResponseEnvelope
@@ -202,7 +205,17 @@ types:
     properties:
       data:
         type: OriginHeaderModification
-
+  MtlsCertificateResponseEnvelope:
+    type: ItemResponseEnvelope
+    properties:
+      data:
+        type: MtlsCertificateResponse
+  MtlsCertificatesResponseEnvelope:
+    type: CollectionResponseEnvelope
+    properties:
+      data:
+        type: MtlsCertificateResponse[]
+
 traits:
   hasUnauthorizedResponse: !include traits/HasUnauthorizedResponse.raml
   hasForbiddenAccessResponse: !include traits/HasForbiddenAccessResponse.raml
@@ -232,6 +245,61 @@ traits:
               example: !include /examples/zone/storefront-zone-create-response.raml
       securedBy:
         - CommerceCloudStandards.AmOAuth2: { scopes: [ sfcc.cdn-zones.rw ] }
+  /mtls/code-upload-certificates:
+    get:
+      is: [hasBadRequestResponse, hasInternalServerErrorResponse, hasForbiddenAccessResponse, hasUnauthorizedResponse]
+      displayName: getCodeUploadCertificates
+      description: Returns all the mTLS certificates for the account.
+      responses:
+        '200':
+          description: Successfully retrieved details of the mTLS certificates requested by the
+            caller.
+          body:
+            application/json:
+              type: MtlsCertificatesResponseEnvelope
+              example: !include /examples/mtlsCodeUpload/mtls-codeupload-get-certificates-response.raml
+      securedBy:
+          - CommerceCloudStandards.AmOAuth2: { scopes: [ sfcc.cdn-zones, sfcc.cdn-zones.rw ] }
+    post:
+      is: [hasBadRequestResponse, hasUnauthorizedResponse, hasForbiddenAccessResponse, hasInternalServerErrorResponse, hasResourceNotFoundResponse]
+      displayName: createCodeUploadCertificate
+      description: Set up two-factor mTLS certificates for the account and associate the staging zone code upload hostname.
+      body:
+        application/json:
+          type: MtlsCertificateRequest
+          example: !include /examples/mtlsCodeUpload/mtls-codeupload-post-certificate-request.raml
+      responses:
+        '201':
+          description: Returns information about the uploaded mTLS certificate.
+          body:
+            application/json:
+              type: MtlsCertificateResponseEnvelope
+              example: !include /examples/mtlsCodeUpload/mtls-codeupload-get-certificate-response.raml
+      securedBy:
+        - CommerceCloudStandards.AmOAuth2: { scopes: [ sfcc.cdn-zones.rw ] } 
+  /mtls/code-upload-certificates/{mtlsCertificateId}:
+    get:
+      is: [hasBadRequestResponse, hasInternalServerErrorResponse, hasForbiddenAccessResponse, hasUnauthorizedResponse]
+      displayName: getCodeUploadCertificate
+      description: Returns the mTLS certificate for the given account's mTLS certificate ID.
+      responses:
+        '200':
+          description: Successfully retrieved mTLS certificate information from the mTLS certificate ID requested by the caller.
+          body:
+            application/json:
+              type: MtlsCertificateResponseEnvelope
+              example: !include /examples/mtlsCodeUpload/mtls-codeupload-get-certificate-response.raml
+      securedBy:
+          - CommerceCloudStandards.AmOAuth2: { scopes: [ sfcc.cdn-zones, sfcc.cdn-zones.rw ] }
+    delete:
+        is: [ hasResourceNotFoundResponse ]
+        displayName: deleteCodeUploadCertificate
+        description: Removes an mTLS certificate and associated hostname.
+        responses:
+          204:
+            description: Successfully deleted the mTLS certificate from the account.
+        securedBy:
+          - CommerceCloudStandards.AmOAuth2: { scopes: [ sfcc.cdn-zones.rw ] }
   /zones/info:
     is: [hasUnauthorizedResponse, hasForbiddenAccessResponse, hasInternalServerErrorResponse]
     get:
@@ -975,7 +1043,7 @@ traits:
     put:
       is: [hasBadRequestResponse]
       displayName: upsertOriginHeaderModification
-      description: Upsert origin header modification.
+      description: Upsert origin header modification. Only the `mrt` type is supported.
       body:
         application/json:
           type: OriginHeaderModificationPutRequest
@@ -998,7 +1066,7 @@ traits:
     get:
       is: [hasBadRequestResponse]
       displayName: getOriginHeaderModification
-      description: Get origin header modification associated with a zone.
+      description: Get origin header modification associated with a zone. Only the `mrt` type is supported.
       responses:
         200:
           description: Successfully returned the origin header modification associated with a zone.
@@ -1010,9 +1078,14 @@ traits:
         - CommerceCloudStandards.AmOAuth2: { scopes: [ sfcc.cdn-zones, sfcc.cdn-zones.rw ] }
     delete:
       displayName: deleteOriginHeaderModification
-      description: Delete the origin header modification associated with a zone.
+      description: Delete the origin header modification associated with a zone. Only the `mrt` type is supported.
       responses:
         204:
           description: Successfully deleted the origin header modification associated with a zone.
       securedBy:
         - CommerceCloudStandards.AmOAuth2: { scopes: [ sfcc.cdn-zones.rw ] }
+    uriParameters:
+      type:
+        description: The type of origin header modification. Only the `mrt` type is supported.
+        type: string
+        example: mrt
@@ -61,6 +61,19 @@ properties:
     type: string
     enum: [ACTIVE, EXPIRED, PENDING, INITIALIZING, PENDING_VALIDATION, PENDING_ISSUANCE, PENDING_DEPLOYMENT]
     required: false
+  wildcardCertificateVerificationTXTName:
+    description: eCDN automatic renewal certificate verification txt name.
+    type: string
+    required: false
+  wildcardCertificateVerificationTXTValue:
+    description: eCDN automatic renewal certificate verification txt value.
+    type: string
+    required: false
+  wildcardCertificateVerificationStatus:
+    description: Current status of certificate verification.
+    type: string
+    enum: [ACTIVE, EXPIRED, PENDING, INITIALIZING, PENDING_VALIDATION, PENDING_ISSUANCE, PENDING_DEPLOYMENT]
+    required: false
   customHostnameVerificationTXTName:
     description: Custom Hostname verification txt name.
     type: string
@@ -82,3 +95,9 @@ properties:
     type: string
     enum: [ACTIVE, EXPIRED, DELETED, PENDING, INITIALIZING, PENDING_VALIDATION, PENDING_ISSUANCE, PENDING_DEPLOYMENT, PENDING_DELETION, MOVED]
     required: false
+  dcvDelegationRecords:
+    description: eCDN automatic renewal certificate DCV delegation records
+    type: array
+    items:
+      type: DCVDelegationRecord
+    required: false
@@ -5,6 +5,10 @@ properties:
   hostname:
     description: Hostname that certificate needs to be applied to.
     type: string
+  bundleMethod:
+    description: Bundle method of the custom certificate chain for verification.
+    type: string
+    required: false
   certificateType:
     description: Indicates certificate is custom or automatic certificate renewal by eCDN. Optional field, if nothing specified the default value is custom. Valid values are custom or automatic.
     type: string
@@ -25,3 +29,7 @@ properties:
     description: Certificate validation type is optional only for `certificateType` automatic, default value is `http`. Valid values are `http` or `txt`.
     type: string
     required: false
+  wildcardHostname:
+    description: Set to true for a wildcard custom hostname.
+    type: boolean
+    required: false
@@ -0,0 +1,12 @@
+#%RAML 1.0 DataType
+description: eCDN automatic renewal certificate DCV delegation records.
+type: object
+properties:
+  dcvCname:
+    description: DNS CNAME for Domain Control Validation.
+    type: string
+    required: false
+  dcvCnameValue:
+    description: DNS CNAME value for Domain Control Validation.
+    type: string
+    required: false
@@ -1,5 +1,5 @@
 #%RAML 1.0 DataType
-description: PATCH request for updating an MRT rule. You may use the PATCH request to update the rule's expression as well as disable/enable the rule.
+description: PATCH request for updating an MRT rule. You may use the PATCH request to update the rule's expression and description as well as disable/enable the rule.
 type: object
 properties:
   enabled:
@@ -11,4 +11,9 @@ properties:
     description: The expression that determines the MRT rule's routing behavior. 
     type: string
     example: (http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path1/.*\" or http.request.uri.path matches \"^.*/path2/.*/products/.*\"))
+    required: false
+  description:
+    description: The description of the rule. Optional.
+    type: string
+    example: Phased rollout rule for dev-customer.salesforce.com
     required: false
@@ -10,6 +10,11 @@ properties:
     description: The expression that determines the rule's routing behavior. 
     type: string
     example: (http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path1/.*\" or http.request.uri.path matches \"^.*/path2/.*/products/.*\"))
+  description:
+    description: The description of the rule.
+    type: string
+    example: Phased rollout rule for dev-customer.salesforce.com
+    required: false
   lastUpdated:
     description: Date when the rule was last updated.
     type: datetime

@@ -9,4 +9,9 @@ properties:
   expressions:
     description: An array containing the expressions for each MRT rule.
     type: string[]
-    example: ["(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path1/.*\" or http.request.uri.path matches \"^.*/path2/.*/products/.*\"))"]
+    example: ["(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path1/.*\" or http.request.uri.path matches \"^.*/path2/.*/products/.*\"))"]
+  descriptions:
+    description: An array containing the descriptions for each MRT rule. The number of descriptions provided must match the number of expressions provided. Optional.
+    type: string[]
+    example: ["Phased rollout rule for dev-customer.salesforce.com"]
+    required: false
@@ -15,4 +15,9 @@ properties:
     description: An array containing the expressions for each MRT rule.
     type: string[]
     example: ["(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path1/.*\" or http.request.uri.path matches \"^.*/path2/.*/products/.*\"))"]
+    required: false
+  descriptions:
+    description: An array containing the descriptions for each MRT rule. The number of descriptions provided must match the number of expressions provided. Optional.
+    type: string[]
+    example: ["Phased rollout rule for dev-customer.salesforce.com"]
     required: false
@@ -0,0 +1,16 @@
+#%RAML 1.0 DataType
+description: mTLS certificate request information.
+type: object
+properties:
+  certificate:
+    description: Public key for the CA certificate in mTLS.
+    type: string
+    required: true
+  privateKey:
+    description: Private key of the CA certificate in mTLS.
+    type: string
+    required: true
+  name:
+    description: Certificate name used for ease of understanding.
+    type: string
+    required: true
@@ -0,0 +1,41 @@
+#%RAML 1.0 DataType
+type: object
+description: mTLS certificate information.
+properties:
+  mtlsCertificateId:
+    pattern: ([a-f0-9]{8}(-[a-f0-9]{4}){4}[a-f0-9]{8})
+    description: ID generated by the CDN provider for the certificate.
+    type: string
+    required: false
+  expiresOn:
+    description: Expiration date for the mTLS certificate.
+    type: datetime
+    required: false
+  issuer:
+    description: The certificate authority that issued the mTLS certificate.
+    type: string
+    required: false
+  signature:
+    description: The type of hash used for the mTLS certificate.
+    type: string
+    required: false
+  uploadedOn:
+    description: Date the mTLS certificate was uploaded.
+    type: datetime
+    required: false
+  ca:
+    description: Indicates whether the mTLS certificate is a CA or leaf certificate.
+    type: boolean
+    required: false
+  serialNumber:
+    description: The mTLS certificate serial number.
+    type: string
+    required: false
+  mtlsCertificateName:
+    description: Optional name for the mTLS certificate used for ease of understanding.
+    type: string
+    required: false
+  mtlsAssociatedCodeUploadHostname:
+    description: Hostname associated with this mTLS certificate.
+    type: string
+    required: false
@@ -10,6 +10,11 @@ properties:
     description: The action applied by the WAF managed rule.
     type: string
     example: block
+  score:
+    description: The score of the WAF managed rule. Only applicable for the OWASP Managed Ruleset.
+    type: integer
+    example: 5
+    required: false
   categories:
     description: A list of categories describing the function of the WAF managed rule.
     type: string[]

@@ -2,5 +2,6 @@
 value :
   {
     "enabled": true,
-    "expression": "(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path4/.*\" or http.request.uri.path matches \"^.*/path5/.*/products/.*\"))"
+    "expression": "(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path4/.*\" or http.request.uri.path matches \"^.*/path5/.*/products/.*\"))",
+    "description": "Phased rollout rule for dev-customer.salesforce.com"
   }
@@ -12,6 +12,7 @@ value:
               {
                 "id": "12345678901234asdfasfasdf1234567",
                 "expression": "(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path4/.*\" or http.request.uri.path matches \"^.*/path5/.*/products/.*\"))",
+                "description": "Phased rollout rule for dev-customer.salesforce.com",
                 "lastUpdated": "2022-09-27T18:32:34.675182Z",
                 "ref": "12345678901234asdfasfasdf1234567",
                 "enabled": true,

@@ -12,6 +12,7 @@ value:
               {
                 "id": "12345678901234asdfasfasdf1234567",
                 "expression": "(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"/on/path1/.*\" or http.request.uri.path matches \"/on/path2/.*\" or http.request.uri.path matches \".*routeDetails=true\" or http.request.uri.path eq \"/path3.txt\" ))",
+                "description": "Phased rollout rule for dev-customer.salesforce.com",
                 "lastUpdated": "2022-09-15T21:14:42.372459Z", 
                 "ref": "12345678901234asdfasfasdf1234567",
                 "enabled": true,
@@ -20,6 +21,7 @@ value:
               {
                 "id": "12345678901234asdfasfasdf1234567",
                 "expression": "(http.host in {\"test-customer.salesforce.com\" \"test2-customer.salesforce.com\"} and not ( http.request.uri.path matches \"^/path4/.*\" or http.request.uri.path matches \"^.*/path5/.*/products/.*\"))",
+                "description": "Phased rollout rule for test-customer.salesforce.com",
                 "lastUpdated": "2022-09-15T21:14:42.372459Z", 
                 "ref": "12345678901234asdfasfasdf1233333",
                 "enabled": true,
@@ -28,6 +30,7 @@ value:
               {
                 "id": "12345678901234asdfasfasdf1234567",
                 "expression": "(http.host eq \"prd-customer.salesforce.com\" and not ( http.request.uri.path matches \"^/path4/.*\" or http.request.uri.path matches \"^.*/path5/.*/products/.*\"))",
+                "description": "Phased rollout rule for prd-customer.salesforce.com",
                 "lastUpdated": "2022-09-15T21:14:42.372459Z",
                 "ref": "98745678901234asdfasfasdf1234567",
                 "enabled": true,

@@ -2,5 +2,6 @@
 value :
   {
     "mrtHostname": "customer.mobify-storefront.com",
-    "expressions": ["(http.host in {\"test-customer.salesforce.com\" \"test2-customer.salesforce.com\"} and not ( http.request.uri.path matches \"^/path4/.*\" or http.request.uri.path matches \"^.*/path5/.*/products/.*\"))"]
+    "expressions": ["(http.host in {\"test-customer.salesforce.com\" \"test2-customer.salesforce.com\"} and not ( http.request.uri.path matches \"^/path4/.*\" or http.request.uri.path matches \"^.*/path5/.*/products/.*\"))"],
+    "descriptions": ["Phased rollout rule for test-customer.salesforce.com and test2-customer.salesforce.com"]
   }
@@ -2,5 +2,6 @@
 value :
   {
     "mrtHostname": "customer.mobify-storefront.com",
-    "expressions": ["(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"/on/path1/.*\" or http.request.uri.path matches \"/on/path2/.*\" or http.request.uri.path matches \".*routeDetails=true\" or http.request.uri.path eq \"/path3.txt\" ))"]
+    "expressions": ["(http.host eq \"dev-customer.salesforce.com\" and not ( http.request.uri.path matches \"/on/path1/.*\" or http.request.uri.path matches \"/on/path2/.*\" or http.request.uri.path matches \".*routeDetails=true\" or http.request.uri.path eq \"/path3.txt\" ))"],
+    "descriptions": ["Phased rollout rule for dev-customer.salesforce.com"]
   }